Session management with OpenID, in ASP.NET

Posted by Andreas Grech on Stack Overflow See other posts from Stack Overflow or by Andreas Grech
Published on 2010-03-08T19:49:01Z Indexed on 2010/03/08 19:51 UTC
Read the original article Hit count: 361

Filed under:
|
|
|

I am currently playing with DotNetOpenAuth to make an ASP.NET (C#) website use OpenID instead of the normal login-password routine for user and session handling.

Up till now, I have added the DotNetOpenAuth.dll into my project and tried a test login page with the following:

<rp:OpenIdLogin ID="OpenIdLogin1" runat="server" />

When I run the page, I enter a valid myopenid url and the website redirects to the myopenid page, where I enter my password, and upon success, it returns back to my default.aspx, due to the following in my web.config:

<authentication mode="Forms">
    <forms defaultUrl="/Default.aspx" loginUrl="~/Login.aspx"/>
</authentication> 

Now that the user is "logged in", how can handle my session? At the moment, I don't know how I can, for example, check if the session is still alive or how to terminate the session.

My basic question is, how can I manage the session once the user is authenticated with OpenID ?

© Stack Overflow or respective owner

Related posts about ASP.NET

Related posts about openid